2 # SPDX-License-Identifier: EPL-1.0
3 ##############################################################################
4 # Copyright (c) 2023 The Linux Foundation and others.
6 # All rights reserved. This program and the accompanying materials
7 # are made available under the terms of the Eclipse Public License v1.0
8 # which accompanies this distribution, and is available at
9 # http://www.eclipse.org/legal/epl-v10.html
10 ##############################################################################
11 echo "---> snyk-cli-scanner-run.sh"
12 # shellcheck disable=SC1090
15 # Install Snyk CLI dependencies for Python
16 if [[ "$JOB_NAME" =~ "python" ]]; then
17 # Install Snyk CLI dependencies for Python based projects
18 lf-activate-venv flask flask-api flask-cors pg8000 pandas
22 # Add mvn to PATH so that the Snyk CLI can use it
23 export PATH=$PATH:"$M2_HOME"/bin
24 # Download and install the latest Snyk scanner
25 echo "Installing Snyk (latest)..."
26 curl https://static.snyk.io/cli/latest/snyk-linux -o snyk
28 sudo mv ./snyk /usr/local/bin/
29 echo "Verifying Snyk version..."
31 echo "Authenticate with SNYK_TOKEN..."
33 echo "Running Snyk CLI..."
34 if [[ "$JOB_NAME" =~ "docker" ]]; then
35 snyk container test "$SNYK_CLI_OPTIONS" \
36 "$CONTAINER_PULL_REGISTRY/$DOCKER_NAME:$DOCKER_IMAGE_TAG" --org="$SNYK_ORG"
37 snyk container monitor "$SNYK_CLI_OPTIONS" \
38 "$CONTAINER_PULL_REGISTRY/$DOCKER_NAME:$DOCKER_IMAGE_TAG" --org="$SNYK_ORG"
40 snyk test --json --severity-threshold=low "$SNYK_CLI_OPTIONS" --org="$SNYK_ORG"
41 snyk monitor --severity-threshold=low "$SNYK_CLI_OPTIONS" --org="$SNYK_ORG"